Description of problem:
Implementation of http://projects.theforeman.org/issues/4238 introduced a BFA protection, however this is not configurable at all (enable/disable, number of retries, blacklist timeout, etc.).
It would be beneficial, if I as an admin had a way of configure or completely disable the feature.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Go to Administer -> Settings and search for "failed_login_attempts_limit"
It is not there
It should be there
Upstream bug assigned to email@example.com
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/22778 has been resolved.
put qe_ack + , as this an important fix (adding the ability to disable or to fine tune the number of attempts of authenticated login to be considered as Brute-force attack) for the Brute-force attack protection
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.